package com.ascainiao.paygame;

import cn.hutool.crypto.asymmetric.RSA;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.JWTVerifier;

import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Calendar;
import java.util.Map;

public class JWTUtils {
    // 签名密钥
    private static final String SECRET = "!DAR$";

    /**
     * 生成token
     * @param payload token携带的信息
     * @return token字符串
     */
    public static String getToken(Map<String,String> payload){
        // 指定token过期时间为7天
        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.DATE, 7);

        JWTCreator.Builder builder = JWT.create();
        // 构建payload
        payload.forEach((k,v) -> builder.withClaim(k,v));
        // 指定过期时间和签名算法
        String token = builder.withExpiresAt(calendar.getTime()).sign(Algorithm.HMAC256(SECRET));
        return token;
    }


    /**
     * 解析token
     * @param token token字符串
     * @return 解析后的token
     */
    public static DecodedJWT decode(String token){
        JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(SECRET)).build();
        DecodedJWT decodedJWT = jwtVerifier.verify(token);
        return decodedJWT;
    }

    private static final String RSA_PRIVATE_KEY = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCnjTCFZreLI1Cg8s3bnYdc6CP1Yp3PlQeW/JKssn+YGsbBgXYuv4ZXu/e94Zy1+GNvzLvxHSYasQW2eqkWuadECqFEDHx22XncH1zdbE/W9lTj25HcNPQ28S79NIQot7TisPwRAVxhl5JrN2f36YSzkoGiS6CpLRD9byH9/G6h6flY8PvcKtk+TdOiRETKIUGbfa1ip4xEwUmj3E/PhN4w1yeOmCIpicA3C+M0cecVg77JKBOthF2ZsGMR7mV3aXATvveP6vP6Ilql88EPvugz1IxgKLT3xQ8yPd+XUGBakO9buVF/9VpE0QwtMllBRzGZRDzoLu66sqtsSOzViXM3AgMBAAECggEAA01FfQOCr3PBNYLDasYGcl7CwqWwXXRe42tTyqJz4D/61bpi5VXx5E24ep31FCLydrQOqhg8dX8ykR+GsIN1F+KrvecPFtp/S8a0ckqdoitVje34SGIkw+Zp2iSMTC8eme8J8J3Zv7SYdpNvcZPBATbsZhHedycDtDLZ9SLh3T/ybsnij7K6wUpofXnD3/CRYQrF8CnulkwGDPkbxSd6xI5YTVCeTmceOEZ74OV3bEswHL7aiCSNbY3zNfvmFd8dgWcQLvqPVPyaRIR9mbl6CY5nQaBi4r3fILlWbPAHn/OxnRP5AxBrX11293crAjcQTMz1c8xGAl59Q0x3IpHXqQKBgQDjRjCr4NIZEyeKJVQk85Ma8l+ZwqVBpVwUsScwFF93pcSwZebwzBTbeqDQxnOw6R2dlWtEs2Wn8zM4+Rr9yK0UEiqzJZWOuLs6TB/t03wc35XsoN+RoYSSTeBhBULgVmD6iT/IlBysqQY+xt4gMOZ1Z64vX4KQleYy9PsLX1+GHwKBgQC8upRvx43IlsAMqGV/7wv0/CQgUtQOhFEEyA8RNX81k3lejFAj+yepsBaZo4r7pa/ixrlI4eundNv1rlxC9VxyGqPo1G6B/O5cSdHRziKIIFKuaNV5iXDHs2l1AF7bTMV/6wlskZI5S/Ew62gMyQEwxgA/iIeJhoViAptlxBF/6QKBgDk6+JCfiWhlCWThJ4Iyj82OUQKQIDsan8haH8scpjmj1Zax4miqi2oFRC+ueX2IBjwjXyKqpiOXu0NSfzh+6w6N0JDSGwoYfJUejD/ALJW8u60diY7LhG2vDJyBzaheOAd+vkANA/d6jKcMPu0OQ0o3NIabX253QMN+KyVe+9fzAoGBAK/7r2RYCR7Na4GiGRtllZm48BrwAWsT+NRjlKEwaFFWFeuTHTuf+8kgOMLFHFkxk8P8GFQcznhU4LLEBqYtUynXK5Z1WCJ/7uhBsZRZChwzP8YAXWc6QN8GrkR6tvj5KoTwbtY9G8Ovy9UY/epGGIUZbKvRrMkRlhjhY3ROkx7ZAoGBAMfgEgEqOOuo1Ocdo7VxPYtpAPuAM2AOwc11mn5LSKntuixPDIhNbv/j7X7fajVGy0Fdo1yxuKHPIFdUYJys+DtUhhQPQ2u/4ISP1fWuIArSPdjWvz79PsSRq1iDG5asH1yT33mO4yH+C3ozXjWjd4QBZBkMApHi44SpDwkvpHuj";
    private static final String RSA_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp40whWa3iyNQoPLN252HXOgj9WKdz5UHlvySrLJ/mBrGwYF2Lr+GV7v3veGctfhjb8y78R0mGrEFtnqpFrmnRAqhRAx8dtl53B9c3WxP1vZU49uR3DT0NvEu/TSEKLe04rD8EQFcYZeSazdn9+mEs5KBokugqS0Q/W8h/fxuoen5WPD73CrZPk3TokREyiFBm32tYqeMRMFJo9xPz4TeMNcnjpgiKYnANwvjNHHnFYO+ySgTrYRdmbBjEe5ld2lwE773j+rz+iJapfPBD77oM9SMYCi098UPMj3fl1BgWpDvW7lRf/VaRNEMLTJZQUcxmUQ86C7uurKrbEjs1YlzNwIDAQAB";

    /**
     * 生成token
     * @param payload token携带的信息
     * @return token字符串
     */
    public static String getTokenRsa(Map<String,String> payload){
        // 指定token过期时间为7天
        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.DATE, 7);

        JWTCreator.Builder builder = JWT.create();
        // 构建payload
        payload.forEach((k,v) -> builder.withClaim(k,v));

        // 利用hutool创建RSA
        RSA rsa = new RSA(RSA_PRIVATE_KEY, null);
        // 获取私钥
        RSAPrivateKey privateKey = (RSAPrivateKey) rsa.getPrivateKey();
        // 签名时传入私钥
        String token = builder.withExpiresAt(calendar.getTime()).sign(Algorithm.RSA256(null, privateKey));
        return token;
    }

    /**
     * 解析token
     * @param token token字符串
     * @return 解析后的token
     */
    public static DecodedJWT decodeRsa(String token){
        // 利用hutool创建RSA
        RSA rsa = new RSA(null, RSA_PUBLIC_KEY);
        // 获取RSA公钥
        RSAPublicKey publicKey = (RSAPublicKey) rsa.getPublicKey();
        // 验签时传入公钥
        JWTVerifier jwtVerifier = JWT.require(Algorithm.RSA256(publicKey, null)).build();
        DecodedJWT decodedJWT = jwtVerifier.verify(token);
        return decodedJWT;
    }

}
